[SR-Users] uac_auth problem

neumann Wed, 16 Apr 2014 00:20:23 -0700

Hi all sorry for my english!
Iam trying to authenticate as uac on 3rd party server(Asterisk).
Kamailio get 401, send next invite with DIGEST but Asterisk send 401 again(((
Asterisk don’t write in log what auth is failed.



115.600045 xxx.xxx.xxx.xxx -> yyy.yyy.yyy.yyy SIP/SDP 1093 Request: INVITE 
sip:321321...@xxx.xxx.xxx.xxx, with session description
115.601818 yyy.yyy.yyy.yyy -> xxx.xxx.xxx.xxx SIP 674 Status: 401 Unauthorized
115.602470 xxx.xxx.xxx.xxx -> yyy.yyy.yyy.yyy SIP 389 Request: ACK 
sip:321321...@xxx.xxx.xxx.xxx
115.604310 xxx.xxx.xxx.xxx -> yyy.yyy.yyy.yyy SIP/SDP 1267 Request: INVITE 
sip:321321...@xxx.xxx.xxx.xxx, with session description
115.605537 yyy.yyy.yyy.yyy -> xxx.xxx.xxx.xxx SIP 674 Status: 401 Unauthorized
115.606431 xxx.xxx.xxx.xxx -> yyy.yyy.yyy.yyy SIP 389 Request: ACK 
sip:321321...@xxx.xxx.xxx.xxx

My aster peer:

[kamailio]
type=peer
defaultuser=kamailio
secret=1234
host=dynamic
disallow=all
allow=alaw
nat=no
qualify=yes



My kamailio config:


modparam("uac","auth_username_avp","$avp(s:uac_user)")
modparam("uac","auth_password_avp","$avp(s:uac_pass)")
modparam("uac","auth_realm_avp","$avp(s:uac_realm)")

route[DISPATCH_OUT] {
            if(!ds_select_dst( 4, 8)){
                    send_reply("404", "No destination");
                    exit;
            }
            t_set_fr(0,2000);
            t_on_failure("RTF_DISPATCH_OUT");
            t_relay();
            exit;
}

failure_route[RTF_DISPATCH_OUT] {
        if (t_is_canceled()) {
                exit;
        }

        if ( t_check_status("401|407") ) {
                $avp(s:uac_user) = "kamailio";
                $avp(s:uac_pass) = "1234";
                $avp(s:uac_realm) = "asterisk";
       
                if (isflagset(7)) {
                        t_reply("513","Authentication failed");
                        xlog("L_INFO", "[%ci]: Remote authentication failed\n");
                        break;
                 }

                if (uac_auth()) {
                        xlog("L_INFO", "401/407 message recived");
                        # mark that auth was performed
                        setflag(7);
                        # trigger again the failure route
                        t_on_failure("RTF_DISPATCH_OUT");
                        # repeat the request with auth response this time
                        append_branch();
                        #t_relay_to_udp("94.25.100.198","5060");
                        t_relay();
                        break;
                 } else {
                        xlog("L_INFO", "uac_auth filed!!!!!!!!!!!");
                }
                t_reply("514","Unknow authentication peer");
                xlog("L_INFO", "[%ci]: Unknown authentication peer.\n");
                break;
                }

                 # next DST - only for 500 or local timeout
                if (t_check_status("500") or t_check_status("480") or 
(t_branch_timeout() and !t_branch_replied())){
                ds_mark_dst("p");
                if(ds_next_dst()){
                        t_set_fr(0,2000);
                        t_on_failure("RTF_DISPATCH_OUT");
                        route(RELAY);
                        exit;
                }
        }
}



————————————

Timofeev Dmitry
VoIP Engineer
Linux, Asterisk, Freeswitch, Cisco solutions
Skype: itsroot
icq: 227227933

_______________________________________________
SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list
sr-users@lists.sip-router.org
http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users

[SR-Users] uac_auth problem

Reply via email to